#!/bin/sh -euf
# -*- mode: Shell-script; tab-width: 8; fill-column: 70; -*-
# $Id: php5.cli.control,v 0.0.1 2005/10/28 03:31:34 legion Exp $

php_description restricted "The restricted configuration profile"

# Restricted mode
php_rule restricted 	"safe_mode_include_dir"           "./:$PHP_LIBDIR/:$PHP_LIBDIR/$PHP_VERSION/:/usr/share/php/pear/:/usr/share/php/modules/:/usr/share/php/$PHP_VERSION/modules/"
php_rule restricted 	"safe_mode_allowed_env_vars"      "PHP_"
php_rule restricted 	"safe_mode_protected_env_vars"    "LD_LIBRARY_PATH,LD_PRELOAD,PATH,TMPDIR"
php_rule restricted 	"disable_functions"               "chdir,dl,ini_get_all,phpinfo,system,shell_exec,popen,proc_open,exec,passthru"
php_rule restricted 	"error_reporting"                 "E_ALL" "6143"
php_rule restricted 	"display_errors"                  "$php_on"
php_rule restricted 	"display_startup_errors"          "$php_on"
php_rule restricted 	"log_errors"                      "$php_on"
php_rule restricted 	"ignore_repeated_errors"          "$php_off"
php_rule restricted 	"ignore_repeated_source"          "$php_off"
php_rule restricted 	"report_memleaks"                 "$php_on"
php_rule restricted 	"variables_order"                 "GPCS"
php_rule restricted 	"post_max_size"                   "2M"
php_rule restricted 	"include_path"                    "./:$PHP_LIBDIR/:$PHP_LIBDIR/$PHP_VERSION/:/usr/share/php/pear/:/usr/share/php/modules/:/usr/share/php/$PHP_VERSION/modules/"
php_rule restricted 	"extension_dir"                   "$PHP_LIBDIR/$PHP_VERSION/extensions/"
php_rule restricted 	"enable_dl"                       "$php_off"
php_rule restricted 	"upload_max_filesize"             "2M"
php_rule restricted 	"allow_url_fopen"                 "$php_off"
php_rule restricted 	"define_syslog_variables"         "$php_off"
php_rule restricted 	"alt_sapi_config_ini_scan_dir"    "$PHP_ETCDIR/$PHP_MAJOR/$PHP_SAPI/php.d"

